National Australia Bank (NAB) continues to be embroiled in cyber-attacks. MailGuard intercepted another phishing email scam purporting to come from the bank on Wednesday morning (AEST), 26th June 2019.
The plain-text emails appear to come from an email address forging the ‘nab.com.au’ domain. They inform recipients about a sign in to their NAB account from an ‘unrecognized device’. To follow further instructions, the email directs recipients to click on a link.
Here is a screenshot of the email:
Unsuspecting recipients who click on the link are first redirected to a URL starting with ‘http://247-smart-life-tv.com’ and then to a second URL which leads to a NAB-branding phishing page asking for users’ log-in information. Here’s a screenshot of the page:
Upon logging in, users are directed to another page where a simulated security form titled ‘Verify Your Identity’ appears. This form asks users to submit more of their personal details:
After users enter their information and hit the ‘submit’ button, they are led to a ‘Thank You’ page, informing them that they will be logged off their accounts.
Finally, the users are redirected to the actual NAB website:
This message contains several typical elements of a phishing email:
- use of a major brand name to inspire false trust; the usage of the supposed ‘NAB’ domain boosts the credibility of the email,
- high-quality graphical elements such as the NAB branding, logo & repeated usage of ‘safety features’ typically expected of a well-established bank such as links to ‘NAB Banking Help’ and support numbers,
- false urgency; telling the recipient that ‘someone from an unrecognized device’ has logged in to create a sense of anxiety,
- and the startling subject line; ‘Unexpected sign-in attempt’ also urges the recipient to take immediate notice and action
The elements above are meant to convince the phishing victim they are taking appropriate action by clicking on the link provided in the email.
Although the email claims to be a bank notification, this is not an exceptionally well-made phishing email; it displays several errors in the text spacing and sentence construction. Grammatical errors, such as ‘Please kindly Sign on here, should be a big red flag alerting recipients to the inauthenticity of the email.
This phishing campaign is very similar to other recent online banking scams, which have also targeted customers of Westpac bank and Zenith Bank. With an increase in customers now managing their finances online, cybercriminals are employing a wide range of techniques to trick users into surrendering their account details, and funds.
What is "phishing?"
Phishing is the practice of tricking email recipients into revealing personal information that criminals can exploit for gain.
Phishing emails go to a wide group of random people; it’s like a fisherman casting a wide net to see what he can catch. The attackers know that not everyone will respond, but they know that if they send enough emails out somebody will probably take the bait.
A phishing attack message will typically include a link that will send the unwary victim to a fake login website. Once there, the user will be asked to enter username and password data which will be automatically captured by the phishing page.
Scammers use phishing pages to collect login credentials for email accounts, bank accounts, and a wide range of other online services.
Stop email fraud
Cybercriminals know we can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People aren't machines; we're all capable of making bad judgement calls. Without email filtering protecting your inbox, it’s all too easy to have a momentary lapse of judgement and click on the wrong thing.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below: